Articles In Security

September 1, SecurityWeek – (International) Betabot starts delivering Cerber ransomware. Security researchers from Invincea discovered that the Betabot ransomware began carrying out a second-stage payload: after stealing user passwords in the first stage, the malware delivers the Cerber ransomware to the endpoint of the compromised machine so that its operators can increase their profits. Researchers also found the ransomware was being delivered by the Neutrino exploit kit (EK) and stated th...

August 31, SecurityWeek – (International) 68 million exposed in old Dropbox hack. Dropbox, Inc. began prompting password resets for more than 68 million users potentially exposed in a July 2012 data breach, in which user email addresses and hashed and salted passwords for Dropbox accounts may have been improperly accessed after a Dropbox employee’s password was stolen and used to access an employee account that held a document containing the user information. Dropbox officials do not believe an...

August 30, Softpedia – (International) New and mysterious FairWare ransomware targets Linux server. A Bleeping Computer analyst reported that at least 3 Linux server administrators discovered that a ransomware variant, dubbed FairWare, hacked their servers, removed their Website root folders, and left a ransom note in the /root folder demanding a payment of 2 Bitcoin, or roughly $1,150, in order to retrieve the files. The researcher stated there is no evidence that the ransomware encrypts the user’s...

August 26, Softpedia – (International) New Locky ransomware version delivered as DLL file. Cyren security researchers discovered that Zepto, a variant of the Locky ransomware, received updates and is now installed on infected devices as dynamic-link library (DLL) files instead of executable (EXE) files. Researchers also found that the DLL file uses a custom packer in order to prevent detection by anti-malware scanners.

August 26, SecurityWeek – (International) Apple issues emergency fi...

August 23, Softpedia – (International) Intruders use virtual machines on infected PCs to hide their actions. SecureWorks discovered that malicious actors were attempting to install and launch a new virtual machine (VM) on an infected host in order to connect to the compromised device’s VM and withdraw sensitive data or execute other malicious actions without being detected by security software. The discovery came after finding that the attacker was using the Microsoft Management Console (MMC) to launch the Hyper-V Manag...

August 18, SecurityWeek – (International) Cisco patches critical flaws in Firepower Management Center. Cisco released patches for its Firepower Management Center to address several flaws in the appliance’s Web-based graphical user interface (GUI), including a medium-severity cross-site scripting (XSS) flaw, a critical vulnerability that could allow an authenticated attacker to remotely execute arbitrary commands on a device with root-level privileges, and a flaw that could allow an authenticated...

August 18, SecurityWeek – (International) Flaws in smart sockets expose networks to remote attacks. Bitdefender researchers reported that a popular brand of smart electrical sockets is plagued with serious vulnerabilities that could be exploited by a remote attacker who knows the media access control (MAC) address and default password to take control of the device, make configuration changes, and obtain user information. The report came after finding that the socket’s hotspot is protected by default credentials and users are...